Loading...
Loading...
Found 802 Skills
Analyze the current workspace codebase and produce a single-file interactive C4 architecture diagram as HTML (L1 System Context → L2 Containers → L3 Components), with drill-down, breadcrumb, side panel, and light theme. Use when the user asks for C4 diagrams, interactive architecture HTML, system context/container/component views, or 可交互 C4 架构图. 分析当前项目代码结构,生成交互式 C4 架构图(单文件 HTML):系统上下文、容器、组件三级下钻、面包屑、侧栏详情、浅色主题。触发词:C4 架构图、交互式架构、系统上下文、容器图、组件图、架构可视化、可下钻、architecture diagram、interactive C4。
OAuth and OIDC misconfiguration testing playbook. Use when reviewing redirect URI handling, state and nonce validation, PKCE, token audience, callback binding, and identity-provider trust flaws.
Insecure deserialization playbook. Use when Java, PHP, or Python applications deserialize untrusted data via ObjectInputStream, unserialize, pickle, or similar mechanisms that may lead to RCE, file access, or privilege escalation.
Entry P0 primary router for HackSkills. Use when the task involves web application testing, API security assessment, recon, vulnerability triage, exploit path planning, or choosing the right next category skill before any deep topic skill.
NoSQL injection playbook. Use when MongoDB-style operators, JSON query objects, flexible search filters, or backend query DSLs may allow data or logic abuse.
RSA attack playbook for CTF and real-world cryptanalysis. Use when given RSA parameters (n, e, c) and need to recover plaintext by exploiting weak keys, small exponents, shared factors, or padding oracles.
Traffic analysis and PCAP forensics playbook. Use when analyzing network captures including Wireshark filters, protocol analysis (HTTP/DNS/FTP/SMTP/USB/WiFi), data extraction, covert channel detection, PCAP repair, TLS decryption, and tshark command-line analysis.
Linux lateral movement playbook. Use after gaining initial access to pivot across Linux hosts via SSH hijacking, credential harvesting, internal pivoting, D-Bus exploitation, sudo token reuse, and shared filesystem abuse.
DNS rebinding attack playbook. Use when testing applications that trust DNS resolution for origin checks, interact with internal services from browser context, or when SSRF is not possible server-side but the target has client-side fetch/XHR to attacker-controlled domains.
KBL 한국프로농구 경기 결과와 현재 팀 순위를 날짜/팀 기준으로 조회한다. 공식 JSON 엔드포인트와 kbl-results npm 패키지를 사용한다.
Use when a user mentions Scandit, data capture SDK, barcode scanning products, smart data capture, choosing a scanning product, comparing scanning features, supported barcode symbologies, system requirements, device compatibility, or Scandit pricing. Helps choose the right Scandit product (SparkScan, Barcode Capture, MatrixScan, Smart Label Capture, ID Capture, etc.), points to the correct documentation and sample apps for their platform, and hands off to implementation skills.
End-to-end deep research and analysis pipeline. Takes a raw idea or market question, conducts deep web research, builds a competitive landscape, runs multi-framework intelligence analysis (/think), stress-tests it (/red-team), researches the red team findings, re-thinks with adversarial data, re-red-teams, and iterates until divergence between think and red-team is low (conviction stabilizes). Then generates a comprehensive single-file HTML report with all findings: market landscape, competitive analysis, intelligence briefs, red team results, how to win, and how you could lose. Use when the user says "/deepthink", "deep think", "deep research", or wants a comprehensive research-to-report pipeline on any idea, market, or strategic question.